The Financial Action Task Force (FATF), the international standard setter in anti-money laundering (AML), marked its 30th anniversary in June 2019. April 2020 will mark the same anniversary of the first issue of FATF’s 40 Recommendations. It is thus an appropriate time to consider their impact.
FATF requires governments and their agencies to implement the standards at a national level, but on a day-to-day basis, the main gatekeepers of the international financial system continue to be the financial services sector. They are therefore the primary point of reference for this paper. To meet the laws and regulations that have developed in response to the Recommendations, financial institutions (FIs) have invested increasing amounts of money into controls that will ensure ‘compliance’ with the AML model. Despite substantial levels of private sector investment, however, doubts remain among practitioners and academics about whether the model is effective, not only in terms of how well it is implemented, but in its impact on money-laundering metrics and wider costs and benefits.
Providing answers to these questions currently sits outside FATF’s remit as a standard setter. But they remain important questions nonetheless, because there is a considerable discrepancy between most estimates of the scale of money laundering and the levels of disruption and prosecution of money launderers, as evidenced in a 2016 study by the EU policing agency, Europol. Although it is probable that the gap would be wider without the current model, it is impossible to say by how much. It is a problem that deserves proper exploration. The extent to which the specific AML measures required of FIs impact overall effectiveness is therefore also hard to calibrate. The requirement to file reports on suspicious client activity to national financial intelligence units (FIUs) undoubtedly added value to law enforcement’s efforts to identify financial crime. But although there is significant evidence of this requirement’s financial cost, there are limited indications to show the scale or significance of its benefits, or how impactful it might be in comparison with other elements of the AML model.
The collective experience of the practitioners interviewed also suggests that the current model is having some degree of impact, but that it is probably not optimal. Negligent implementation aside, a key issue is misaligned incentives. Although several major national regulators are now seeking to take a more flexible approach, regulatory examinations have until relatively recently focused on technical compliance and control failures. Such an approach has led to justifiable censure, fines and reputational damage for cases of FI negligence or criminality. However, a lack of information can also lead an FI to make what turns out to be a ‘wrong’ risk decision. Unfortunately, the potential punitive risk that goes with being ‘wrong’ continues to bias the private sector towards over-investment in preventative measures and over-reporting, despite regulatory advice to the contrary. This makes ‘real-life’ effectiveness for FIs a matter of balancing the costs and risks of regulatory action against the size and efficiency of their compliance functions. The ultimate focus is not therefore on the reduction of money laundering, but on protecting the institution and the bottom line.
The AML model’s further fundamental vulnerability is its fragmentation. In the face of increasingly sophisticated, fluid and networked financial crime, AML efforts face a range of operational frictions, between countries, private and public sectors, and individual institutions. Because of this, FIs tend to have a narrow view of who their clients are, and what their behaviour might signify. This makes potential criminality harder to detect. More positively, recent scandals have encouraged some FIs, regulators and law enforcement agencies to find innovative solutions to the problem of fragmentation. One of the most fundamental changes in FIs has been the growing attempt to transform reactive financial crime ‘compliance’ cultures into proactive ‘risk management’. There are early indications that such efforts, combined with initiatives to increase organisational agility, deploy new technology and improve partnerships with other FIs and the public sector, are improving the efficiency of the current model.